Fix delete node permission on Fedora CoreOS node shutdown

* On cloud platforms, `delete-node.service` tries to delete the local node (not always possible depending on preemption time) * Since v1.18.3, kubelet TLS bootstrap generates a kubeconfig in `/var/lib/kubelet` which should be used with kubectl in the delete-node oneshot
2025-07-24 23:01:35 +02:00 · 2020-10-18 23:29:19 -07:00
parent eda78db08e
commit df17253e72
5 changed files with 15 additions and 7 deletions
--- a/aws/fedora-coreos/kubernetes/workers/fcc/worker.yaml
+++ b/aws/fedora-coreos/kubernetes/workers/fcc/worker.yaml
@ -86,10 +86,11 @@ systemd:
        [Unit]
        Description=Delete Kubernetes node on shutdown
        [Service]
+        Environment=KUBELET_IMAGE=quay.io/poseidon/kubelet:v1.19.3
        Type=oneshot
        RemainAfterExit=true
        ExecStart=/bin/true
-        ExecStop=/bin/bash -c '/usr/bin/podman run --volume /etc/kubernetes:/etc/kubernetes:ro,z --entrypoint /usr/local/bin/kubectl quay.io/poseidon/kubelet:v1.19.3 --kubeconfig=/etc/kubernetes/kubeconfig delete node $HOSTNAME'
+        ExecStop=/bin/bash -c '/usr/bin/podman run --volume /var/lib/kubelet:/var/lib/kubelet:ro,z --entrypoint /usr/local/bin/kubectl $${KUBELET_IMAGE} --kubeconfig=/var/lib/kubelet/kubeconfig delete node $HOSTNAME'
        [Install]
        WantedBy=multi-user.target
 storage: